True Random Number Generator Goes Online

amigoro writes "A 'true' random number generator that relies on the unpredictable quantum process of photon emission has gone online providing academic and scientific community access to true random numbers free of charge."

An external random number generator?

[solevita]

Call me paranoid, but I think I'd rather use a local pseudo random number generator than an external true random generator. My security concerns associated with using a local pseudo random number generator are outweighed by my privacy concerns of contacting a third party every time I want to establish a SSH connection or use my credit card online.

Great for research though, of course.

Re:Great

[TheSHAD0W]

Beware of MITM attacks!

close

[geekoid]

"Random" is a word used when an event has too many unknowns to reasonably no the outcome.

To use a very simple random event: Flipping a coin.

If you know all the variables, you will know what the outcome will be.
How heavy is the coin? what side is up at the moment of the flip? whats the air density? how hard was it flipped? etc. . .

Re:Wait...

[Lord+Ender]

Actually, a random number generator isn't really random unless it is possible for it to generate the number 42 a thousand times in a row...

Re:Why pseudo-random for research? Reproducibility

[AK+Marc]

If you need to repeat the random series, why don't you just store the numbers in a file?

Because with pseudo-random seeds, I do. I store the 1000 seeds and run it 10,000 iterations on each run. If I were to store each random number, I'd have to store 10,000,000 numbers in my file rather than 1000. I'll always store them, but the question is whether it takes 1000 records or 10,000,000. For academic purposes, the results aren't statistically different, so why store more numbers?

Re:Wait...

[ajs]

Actually, a random number generator isn't really random unless it is possible for it to generate the number 42 a thousand times in a row... Not so.

A random number generator might generate numbers in the range 0x10000000 to 0xfffffff0 (and thus never generate 42 (0x0000002a) as a result). As long as the distribution within that range is uniform, non-periodic, and lacking in underlying structure, it's random. If it meets the first and last requirement, but is periodic, then it's pseudo-random.

Re:wonky definition of pseudo-random

[Baron+von+Leezard]

I'm not concerned that it's not pseudo-random. My point is that's not how any modern pseudo-random number generators actually work. Maybe during WWII, but not today. The common PRNG techniques are:

1. linear congruential generators
   
2. lagged Fibonacci generators
   
3. linear feedback shift registers
   
4. generalised feedback shift registers
   
5. Mersenne twister
   
6. Fortuna (if you need one that's cryptographically secure)
   
7. Blum Blum Shub (likewise)
   

These are all pure mathematical algorithms. Nowhere in any of these is there any sort of pre-generated random lookup tables. (Unless you count the S-boxes used in some block ciphers with Fortuna.) Pre-generated "random" lookup tables only hide poor randomness in the generation process and don't actually improve the situation cryptographically at all; I suspect that for most other applications there would be problems as well. If your generated numbers don't cover the entire domain space uniformly, then they still won't no matter how many lookup tables you use to transform them.

According to the article, people are sitting around rolling dice to generate random number sequences. Really? REALLY?!? Who wrote this article?

[BvL]